Skip navigation

SMB2 Remote Exploit Released
Last week an exploit was released dealing with SMB2 casing a DoS on Vista, 2008 Server boxes and the Win7 RC. This week, a well-known security company released a module that contains the remote exploit for this vulnerability. So now you have a choice: DoS the box or 0wn the box. The SANS ISC has released a blurb about this and some workarounds that’s probably worth a look-see and The Register has a decent story about it as well.

HITECH Act Encryption Loophole
The HITECH Act (as well as PCI-DSS) has consumed my time (read: overtaken my life) for quite some time now, so it’s no surprise that I bring up things from this from time to time.  The Register talks about how the Act states that if an organization utilizes encryption (mainly at a disk-level), they’re under no obligation to report a breach to their clients – essentially giving these companies a ‘get out of jail free’ card if a breach were to happen.  Just because you can encrypt your data doesn’t mean you shouldn’t be held liable for a breach of information!

Other Fun Tidbits:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: